What are StratEngine AI data connections?

StratEngine AI connects to Google Drive, OneDrive, and Dropbox for two distinct purposes: importing proprietary documents so research can run alongside web sources, and exporting analysis results (strategy briefs and investment memos) directly to the user's own storage. This page explains how StratEngine handles, stores, and protects data at every step of the import and export workflow. Management consultants, corporate strategy teams, venture capitalists, PE firms, family offices, and commercial real estate investors use StratEngine data connections to keep originals inside their own storage while running AI-powered analysis on the working copy.

How does StratEngine AI keep connected data secure?

Does StratEngine AI permanently store uploaded files?

No. StratEngine never permanently stores original files from connected storage. When you connect Google Drive, OneDrive, or Dropbox for import, StratEngine pulls a temporary working copy into a staging bucket inside our private Google Cloud network. Your original stays in your drive, untouched. The staging copy is parsed inside our private network and then deleted on ingestion — there is no 8-hour cache window, no overnight staging. What persists is the searchable layer: text excerpts and embeddings, each tagged to your organization and isolated at every query. The staging-copy infrastructure inherits SOC 2 and ISO 27001 from Google Cloud, with encryption in transit (TLS 1.2+) and at rest (AES-256).

What permissions does StratEngine AI request for connected storage?

StratEngine requests the minimum permissions needed for each use case. For document import, StratEngine requests read-only access to the files you choose to share. For export, StratEngine uses Google's drive.file scope (and the equivalent app-folder grant on OneDrive and Dropbox). That scope only lets StratEngine write the files StratEngine creates — we cannot open them again afterward, even if we wanted to. Import and export are separate connection flows; you can connect either or both, and revoke either independently from your storage provider's settings.

How do StratEngine AI import connections work?

What happens when users connect storage for document import?

Connecting storage for import is an OAuth 2.0 handshake with the storage provider — StratEngine never sees your storage password. Once connected, StratEngine pulls a temporary working copy of the files you've shared into a staging bucket inside our VPC (private network). The staging copy is parsed locally inside our network, text is extracted, and that text is converted into search embeddings. The staging copy is deleted on ingestion. The original file in your storage is never touched. What remains in the StratEngine database is the searchable layer: text excerpts and embeddings tagged to your organization. When you run a research query, StratEngine searches that index and pulls relevant excerpts into the report.

What data does StratEngine AI store from imported documents?

StratEngine stores text excerpts, search embeddings (numerical vectors used for semantic search), and file names with metadata — all tagged to your organization. StratEngine does not store original files (they live in your storage, untouched), passwords (OAuth handles auth), or anything tied to another organization. This approach enables fast AI-powered search across proprietary documents while keeping the durable storage of sensitive originals on your side.

How does StratEngine AI isolate data between organizations?

Per-tenant isolation is enforced at the database layer, not the application layer. Postgres row-level security on Supabase tags every record with the organization's identifier and rejects queries from another organization's session. A compromised application instance cannot read across tenants, because the boundary is in the database itself. Team members within an organization share access to that organization's connected data so the team can collaborate; cross-organization access is structurally impossible.

How do StratEngine AI export connections work?

How does StratEngine AI handle Investment mode exports?

Investment-mode analyses (investment memos and the underlying research reports) are one-shot artifacts. The moment you export, StratEngine creates the documents in your connected storage and clears the analysis content from the StratEngine database. Only the link to the artifact in your own storage remains in StratEngine — the memo itself lives in your Drive, OneDrive, or Dropbox. Without an export connection, the full memo and research report sit in the StratEngine database, viewable in the application; once you connect export, the content moves to your storage and clears from ours. This retention model gives investors complete control over where sensitive deal-vetting memos live after the analysis is complete.

How does StratEngine AI handle Strategy mode exports?

Strategy mode is iterative. Strategy briefs, inputs, and conversation history stay in the StratEngine database regardless of export settings because users refine inputs, have conversations, and evolve the brief over time. Strategy exports are one-way snapshots for sharing or archiving. Changes you make to an exported document do not sync back to StratEngine, and changes you make in StratEngine do not update previously exported documents. Management consultants and corporate strategy teams use this pattern to keep working versions in StratEngine while sharing point-in-time snapshots with clients or stakeholders.

Can users export existing analyses after connecting storage?

Yes. If you ran Investment analyses before connecting an export destination, you can export them afterward. Connect your export destination, click Export on any existing analysis, and StratEngine creates the documents in your connected storage and clears the content from the StratEngine database. Only the document link remains in StratEngine. You can start on a free tier, then upgrade, connect export, and move sensitive content to your own storage at any time.

How does StratEngine AI organize exported files?

When you connect an export destination, StratEngine creates a clean folder structure in your storage. The top-level directory is named StratEngine, with subfolders for Investment Analysis and Strategy Analysis. Each analysis gets its own dated, named subfolder containing the generated files. For example, an Investment analysis for Company A on 2025-01-05 would live at StratEngine/Investment Analysis/2025-01-05 · Company A/ with the investment memo and the underlying research report. Predictable, greppable, easy to archive.

What security architecture protects StratEngine AI connections?

How does StratEngine AI handle authentication for connected storage?

StratEngine uses OAuth 2.0 for all storage connections. StratEngine never sees or stores storage passwords. You can revoke StratEngine's access at any time from your storage provider's connected-apps settings (Google Account security and third-party apps for Google Drive, Microsoft account permissions for OneDrive, Dropbox security settings for Dropbox). Revocation is immediate.

How does StratEngine AI secure its databases?

StratEngine databases use private IPs only and are not addressable from the public internet. All database traffic stays inside the private Google Cloud network through VPC isolation — no public IP, no externally reachable endpoint. Internal connections use TLS encryption. Per-tenant isolation is enforced at the database layer via Postgres row-level security on Supabase, so even a compromised application instance cannot read across tenants.

How does StratEngine AI secure the import pipeline?

The import pipeline pulls a temporary working copy of your files into a staging bucket inside our VPC. The staging copy is deleted on ingestion. All connections use TLS 1.2+ encryption — no data crosses the network unencrypted. Data at rest is encrypted with AES-256 on Google Cloud Platform. Document parsing runs inside our private network with no third-party access to content. Embeddings are generated using AI providers that run with zero data retention by default, so content is not used to train AI models. All processing stays within Google Cloud infrastructure.

Where does StratEngine AI store each type of data?

This is the procurement-grade view of the data pipeline. Every row below names a class of data, where it physically lives, and who can access it.

Frequently Asked Questions About StratEngine AI Data Connections

Can other organizations see my connected data in StratEngine AI?

No. Per-tenant isolation is enforced at the database layer via Postgres row-level security. Every record is tagged to your organization, and queries from other organizations are rejected at the database, not by application code. Cross-organization access is structurally impossible.

Can everyone in my organization see connected data?

Yes. Team members within an organization share access to that organization's connected storage and analysis results. Data connections and search results are scoped at the organization level. This enables collaboration among team members while keeping the boundary between organizations enforced at the database.

What happens when I disconnect my storage from StratEngine AI?

For import connections, the indexed search data for that connection (text excerpts and embeddings) is permanently deleted from the StratEngine database. Future searches will not include documents from the disconnected source. For export connections, the documents already created in your storage stay there — they belong to you. StratEngine simply removes the connection, and future analyses will not auto-export to that destination.

Can I use different providers for import and export in StratEngine AI?

Yes. You can import from multiple providers simultaneously (Google Drive plus Dropbox, for example) and export to a single destination. Import and export use separate connection flows and are configured independently.

Can I export analyses I ran before connecting export?

Yes. Run the analysis first, connect an export destination later, then click Export on any existing Investment analysis. StratEngine creates the documents in your storage and clears the content from our database. Only the link remains.

How do I revoke StratEngine AI access to my storage?

Two paths. Inside StratEngine, disconnect from the settings page. Or revoke directly from your storage provider's connected-apps settings (Google Account security and third-party apps, Microsoft account permissions, or Dropbox security settings). Either path is immediate.

Is my data used to train AI models?

No. The AI providers behind the analysis run with zero data retention by default: your prompts and the generated outputs are not retained after the response is returned, and the data is not used to train future models. Both properties are the default behavior of the AI providers we use, not a contract addendum specific to StratEngine.

How long does StratEngine AI keep files during import?

The staging copy is deleted on ingestion. There is no 8-hour cache, no overnight window. The original file in your storage is never touched. What persists in the StratEngine database is the searchable layer: text excerpts and embeddings.

What certifications does the StratEngine AI infrastructure inherit?

The compute layer (Google Cloud) is independently certified to ISO 27001:2022, SOC 2, PCI DSS, and FedRAMP. The database layer (Supabase) is SOC 2 Type II certified. StratEngine the application itself is CASA Tier 2 certified. See stratengineai.com/security for the full certification posture and how each one applies.

Is the StratEngine AI database accessible from the internet?

No. StratEngine databases use private IPs only. All access happens inside the private Google Cloud network through VPC isolation. There is no public endpoint, no externally reachable address.

What storage providers does StratEngine support?

Google Drive, OneDrive, and Dropbox today. The OAuth pattern (`drive.file` and equivalent app-folder grants) is consistent across providers: import uses read-only scopes, export uses write-only scopes limited to the files StratEngine creates.

How do I get in touch about data connections?

For questions about data connections, security configurations, or vendor due diligence, contact the StratEngine team at info@stratengineai.com. We respond to security and procurement questions from management consulting firms, corporate strategy teams, VCs, PE firms, family offices, and commercial real estate investors evaluating StratEngine for sensitive document workflows.